erickchamber.top
2606:4700:3032::6812:37a6
Malicious Activity!
Public Scan
Submission: On October 30 via api from CH
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 30th 2020. Valid for: a year.
This is the only time erickchamber.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commonwealth Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
8 | 2606:4700:3032::6812:37a6 | 13335 (CLOUDFLARENET) |
4 | 24.244.156.42 | 15146 (CABLEBAHAMAS) |
12 | 2 | |
ASN15146 (CABLEBAHAMAS, BS)
PTR: cbleib.combankltd.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | erickchamber.top | erickchamber.top | 159 KB |
4 | combankltd.com | cbleib.combankltd.com | 13 KB |
12 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
8 | erickchamber.top | erickchamber.top |
4 | cbleib.combankltd.com | erickchamber.top |
12 | 2 | |
This site contains links to these domains.
Domain |
---|
play.google.com |
itunes.apple.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-30 - 2021-10-29 | a year |
cbleib.combankltd.com | DigiCert SHA2 Extended Validation Server CA | 2020-06-05 - 2022-06-29 | 2 years |
This page contains 1 frames:
Primary Page:
https://erickchamber.top/t.html
Frame ID: 1972C4A6D8048DEBC126997CA3092517
Requests: 12 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
12 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | t.html (Primary Request) | erickchamber.top/ | 18 KB | 5 KB | Document | text/html |
GET | H2 | vendor.css | erickchamber.top/files/ | 209 KB | 33 KB | Stylesheet | text/css |
GET | H2 | omnia.css | erickchamber.top/files/ | 550 KB | 65 KB | Stylesheet | text/css |
GET | H2 | logo.png | erickchamber.top/files/ | 55 KB | 55 KB | Image | image/png |
GET | H2 | email-decode.min.js | erickchamber.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | available-in-googleplay.png | cbleib.combankltd.com/img/ | 5 KB | 6 KB | Image | image/png |
GET | H/1.1 | available-in-appstore.png | cbleib.combankltd.com/img/ | 4 KB | 5 KB | Image | image/png |
GET | H/1.1 | phone@2x.png | cbleib.combankltd.com/img/ | 1 KB | 2 KB | Image | image/png |
GET | H/1.1 | envelope@2x.png | cbleib.combankltd.com/img/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff | erickchamber.top/files/fonts/ | 0 | 0 | Font | text/html |
GET | H2 | Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff | erickchamber.top/files/fonts/ | 0 | 0 | Font | text/html |
GET | H2 | 2UX7WLTfW3W8TclTUvlFyQ.woff | erickchamber.top/files/fonts/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commonwealth Bank (Banking)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function | showDirectoryPicker
- function | showOpenFilePicker
- function | showSaveFilePicker
- object | trustedTypes
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.erickchamber.top/ | | Name: __cfduid Value: d8e456ea6811c8be6d1ba7bb1808f2dd01604094029 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cbleib.combankltd.com
erickchamber.top
24.244.156.42
2606:4700:3032::6812:37a6